Title :
A Hybrid Technique Using Multi-objective Particle Swarm Optimization and Random Forests for PROBE Attacks Detection in a Network
Author :
Malik, Arif Jamal ; Khan, Faheem
Author_Institution :
Dept. of Comput. Sci., Nat. Univ. of Comput. & Emerging Sci., Islamabad, Pakistan
Abstract :
A system connected to a network is an open choice for network intrusions unless a powerful intrusion detection or prevention system is implemented. Network security has become a serious issue due to increased unauthorized access and manipulation of network resources. Evolutionary approaches play an important role in identifying attacks with high detection rates and low false discovery rates. In this paper, a binary version of the multi-objective particle swarm optimization (PSO) approach is used to detect PROBE attacks in a network. A vector-evaluated PSO approach is used in the proposed technique with two objectives, i.e., intrusion detection rate and false discovery rate, to guide the process of feature selection. The experiments are performed using the well-known KDD99Cup dataset. The multi-objective PSO approach is used for feature selection from a set of 41 features, and Random Forests (RF), a highly accurate and fast algorithm, is used for classification. Empirical results show that the proposed technique outperforms well-known classification and regression techniques in most cases.
Keywords :
authorisation; data mining; evolutionary computation; particle swarm optimisation; pattern classification; random processes; regression analysis; KDD99Cup dataset; PROBE attacks detection; evolutionary approach; false discovery rate; feature selection; hybrid technique; intrusion detection rate; intrusion prevention system; multiobjective PSO approach; multiobjective particle swarm optimization approach; network intrusions; network resource manipulation; network security; pattern classification; random forests; regression techniques; unauthorized access; Classification algorithms; Intrusion detection; Probes; Radio frequency; Training; Vectors; Vegetation; Intrusion detection; Multi-objective optimization; Particle swarm optimization (PSO); Random forests (RF);
Conference_Title :
Systems, Man, and Cybernetics (SMC), 2013 IEEE International Conference on
Conference_Location :
Manchester
DOI :
10.1109/SMC.2013.422